Breaking into and Reverse Engineering iOS Photo Vaults – blog.ioactive.com
For whatever reason, a lot of people store risqué pictures on their devices. Why they feel the need to do that is left for another discussion. This behavior has fueled a desire to protect photos on mobile devices.

Sleepy Puppy Extension for Burp Suite – techblog.netflix.com
Netflix recently open sourced Sleepy Puppy – a cross-site scripting (XSS) payload management framework for security assessments. One of the most frequently requested features for Sleepy Puppy has been for an extension for Burp Suite, an integrated platform for web application security testing.

Microsoft Security Intelligence Report Volume 19 is now available – blogs.microsoft.com
This includes threat data from the first half of 2015 as well as longer term trend data on the industry vulnerabilities, exploits, malware, and malicious websites that your organization should use to assess your current security posture. We are also providing threat data for over 100 countries/regions.

Nmap 7 Released – nmap.org
The Nmap Project is pleased to announce the immediate, free availability of the Nmap Security Scanner version 7.00. It is the product of three and a half years of work, nearly 3200 code commits, and more than a dozen point releases since the big Nmap 6 release in May 2012.

PwnBin – github.com
PwnBin is a webcrawler which searches public pastebins for specified keywords. All pastes are then returned after sending completion signal ctrl+c.

Aircrack-ng 1.2 Release Candidate 3 – aircrack-ng.blogspot.com
Third release candidate and hopefully this should be the last one. It contains a ton of bug fixes, code cleanup, improvements and compilation fixes everywhere. Some features were added: AppArmor profiles, better FreeBSD support, including an airmon-ng for FreeBSD

Vulnerabilities

PNG pongs: critical bug patched in ubiquitous libpng – www.theregister.co.uk
This will not be fun: the graphics processing library libpng has a vulnerability and needs to be patched. The problem for that is that libpng is everywhere – in browsers, anything that processes photos to produce thumbnails, file browsers, music players, in applications in every operating system.

Siri’s Flaw: Apple’s Personal Assistant Leaks Personal Data – blog.trendmicro.com
Siri for iOS devices has made everyday tasks easier; whether it is getting directions to the nearest gas station or staying in contact with growing social media networks. iOS users can just call out a contact’s name and the device will populate with a telephone number and email address. However, convenience comes with a price: personal information.

TrueCrypt
The Fraunhofer Institute for Secure Information Technology (SIT) was commissioned by the Federal Office for Security in Information Technology Encryption Software (BSI) TrueCrypt investigated. It is safe in the opinion of the researchers, as it suggest previous analyzes. The cryptographic functions are only “in very rare cases, be attacked”.

California’s Cyber Security Policy Is Now the Strongest in the U.S. – tech.co
Technology solves a lot of problems, but it can also help contribute to new ones. Cyber attacks are on the rise and they don’t appear to be letting up. One of the dilemmas that the digital age has created is the conundrum concerning the extent to which digital content can be considered private.

Sponsors

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.